Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  Is it possible to use an IP from the DMZ zone interface as the management IP?

    Posted 09-30-2013 16:04

    So, I have an SSG-140 that has one interface configured as a DMZ zone with a public /24 assigned to it.  On the Untrust interface I have a separate /29 IP allocation that is used to connect to the device for web managment.

     

    Would it be possible to dump the /29 allocation and pull an IP out of the /24 in the DMZ zone to use for the management interface?

     

    I guess the part I'm not seeing here is how to unassign a /32 from the /24 allocation assigned to the DMZ zone/interface.

     

    Am I making sense?



  • 2.  RE: Is it possible to use an IP from the DMZ zone interface as the management IP?
    Best Answer

    Posted 09-30-2013 21:26

    By default , device will not allow you to configure overlapping IPs on two interfaces .

     

    If you want to use  Ip range from /24 network assigned to DMZ interface, you can go for further subnetting of /24 network i.e to divide it into two networks